SSL Certificate Analysis for app.igualdade.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=careersuccessjourney.xyz

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 03, 2026

Valid Until

May 04, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DB:FC:27:74:D5:D6:50:08:05:22:5F:E6:2D:B0:EF:5C:E9:FE:82:BD:9C:CE:78:BC:21:3E:91:8A:DA:D4:C1:E2

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

igualdade.com *.igualdade.com *.m.igualdade.com *.ww38.igualdade.com

Other domains in certificate

777-slot.online *.777-slot.online *.sitemaps.777-slot.online *.www.777-slot.online

a7a.bet *.a7a.bet

alphaaibot.online *.alphaaibot.online

amazonpimemusic.com *.amazonpimemusic.com *.ww25.amazonpimemusic.com *.ww38.amazonpimemusic.com

betluck6.com *.betluck6.com *.cg.betluck6.com

careersuccessjourney.xyz *.careersuccessjourney.xyz *.kwid9.careersuccessjourney.xyz *.q86h5.careersuccessjourney.xyz

comoimportardachina.com.br *.comoimportardachina.com.br *.cpanel.comoimportardachina.com.br

consultatebg.eu *.consultatebg.eu *.ww38.consultatebg.eu

dendapasarpolonia.click *.dendapasarpolonia.click

*.admin.forwardyour.com forwardyour.com *.forwardyour.com *.plane.forwardyour.com

*.adx.freeflix.live freeflix.live *.freeflix.live *.nucleus.freeflix.live

gnomez.co *.gnomez.co *.oct.gnomez.co

*.1eba9deb-eab4-4303-8063-516fd96fde7d.huskyslotno1.click huskyslotno1.click *.huskyslotno1.click *.rustore.huskyslotno1.click

iglobals.com *.iglobals.com *.webmail.iglobals.com

*.co.manews.site manews.site *.manews.site

*.luthfiah.mawar.com mawar.com *.mawar.com

osex.me *.osex.me

playpoint.bet *.playpoint.bet

prizepacks.com.au *.prizepacks.com.au

qeamn.com *.qeamn.com *.uucc.qeamn.com

qweasdz.click *.qweasdz.click

royalz.io *.royalz.io

rtpbosslot77gacorr.click *.rtpbosslot77gacorr.click

*.bid.shirley.life shirley.life *.shirley.life

*.canvas.sivrialan.net *.hghfdtry13.sivrialan.net *.kfdjgtryu14.sivrialan.net *.m.sivrialan.net *.mail.sivrialan.net sivrialan.net *.sivrialan.net *.test.sivrialan.net *.ufghdsty2.sivrialan.net *.ujfhgrty20.sivrialan.net *.webdav.sivrialan.net

*.d.xxxgirllove.xyz *.d2bm6i9vjk5s73dq0vhg.xxxgirllove.xyz *.www.xxxgirllove.xyz xxxgirllove.xyz *.xxxgirllove.xyz